Resolve NETAPI library coverity warnings.
[keystone-rtos/netapi.git] / ti / runtime / netapi / test / net_test_sa_utils.c
1 /******************************************
2  * File: net_test_sa_utils.c
3  * Purpose: net_test application security associations utilities
4  **************************************************************
5  * FILE:  net_test_sa_utils.c
6  * 
7  * DESCRIPTION:  net_test application security associations utilities
8  * 
9  * REVISION HISTORY:
10  *
11  *  Copyright (c) Texas Instruments Incorporated 2013
12  * 
13  *  Redistribution and use in source and binary forms, with or without 
14  *  modification, are permitted provided that the following conditions 
15  *  are met:
16  *
17  *    Redistributions of source code must retain the above copyright 
18  *    notice, this list of conditions and the following disclaimer.
19  *
20  *    Redistributions in binary form must reproduce the above copyright
21  *    notice, this list of conditions and the following disclaimer in the 
22  *    documentation and/or other materials provided with the   
23  *    distribution.
24  *
25  *    Neither the name of Texas Instruments Incorporated nor the names of
26  *    its contributors may be used to endorse or promote products derived
27  *    from this software without specific prior written permission.
28  *
29  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
30  *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
31  *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
32  *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 
33  *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
34  *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 
35  *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36  *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37  *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
38  *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 
39  *  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41  *****************************************/
43 #include "net_test.h"
44 #include "ti/runtime/netapi/netapi.h"
45 #include "net_test_sa_utils.h"
46 #include "net_test_utils.h"
48 #include <signal.h>
49 #include <pthread.h>
51 #include <ti/drv/sa/salld.h>
52 #include <ti/drv/pa/pa.h>
54 extern NETAPI_T netapi_handle;
55 extern netTestConfig_t netTestCfg;
56 extern netTestConfig_t config;
57 extern netTestSA_t sa_info[];
58 extern NETCP_CFG_IPSEC_POLICY_T rx_policy[];
60 /* pktio channels externs */
61 extern PKTIO_HANDLE_T *netcp_rx_chan;
62 extern PKTIO_HANDLE_T *netcp_rx_chan2;
63 extern PKTIO_HANDLE_T *netcp_tx_chan;
64 extern PKTIO_HANDLE_T *netcp_tx_chan_ah;
65 extern PKTIO_HANDLE_T *netcp_sb_tx_chan;
66 extern PKTIO_HANDLE_T *netcp_sb_rx_chan;
67 extern PKTIO_CFG_T our_chan_cfg;
68 extern PKTIO_CFG_T netcp_rx_cfg;
69 extern PKTIO_CFG_T netcp_rx_cfg2;
70 extern PKTIO_CFG_T netcp_tx_cfg;
71 extern PKTIO_CFG_T netcp_sb_rx_cfg;
72 extern PKTIO_CFG_T netcp_sb_tx_cfg;
73 /* end pktio channels externs */
75 extern Trie *p_trie_sa_rx;
76 extern Trie *p_trie_sa_tx;
80 void  netTest_utilBuildSADB(int i)
81 {
82     long tmp_spi;
83     long tmp_tunnel;
84     if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA1) &&
85         (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CBC))
86     {
87         /* static configuration, will not change */
88         sa_info[i].tx_payload_info.aadSize = 0;
89         sa_info[i].tx_payload_info.pAad = NULL;
90         sa_info[i].tx_payload_info.pAuthIV = NULL;
91         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
92                                                 netTest_IP_HEADER_LEN;
93         
94         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
95                                                netTest_IP_HEADER_LEN +
96                                                netTest_ESP_HEADER_LEN +
97                                                netTest_AES_CBC_IV_LEN;
99         /* dynamic configuration, will  be calculated on the fly */
100         sa_info[i].tx_payload_info.authSize = 0;
101         sa_info[i].tx_payload_info.encSize = 0;
102         sa_info[i].tx_payload_info.pEncIV = 0;
104         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
105         sa_info[i].authMode = netTestCfg.sa[i].authMode;
106         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
107         sa_info[i].auth_tag_size = netTest_ICV_LEN;
109         sa_info[i].iv_len=16;
110         sa_info[i].bl=16;
112         sa_info[i].tx_pkt_info.enetPort = 0;
113         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
114         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
115         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
116         sa_info[i].tx_pkt_info.startOffset = 0;
117         sa_info[i].tx_pkt_info.lpbackPass = 0;
118         sa_info[i].tx_pkt_info.ploadLen = 0; 
119         sa_info[i].tx_pkt_info.pPkt = NULL;
120         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN;
121         sa_info[i].tx_pkt_info.saPayloadLen = 0;
122         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
123        
124         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
125                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
126                                          NWAL_TX_FLAG1_META_DATA_VALID ;
127         sa_info[i].dir =netTestCfg.sa[i].dir;
128         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
129         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
130         sa_info[i].spi =tmp_spi;
131         sa_info[i].tunnel_id = tmp_tunnel;
132         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
133         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
135         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
136         {
137             trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
138         }
139         else
140         {
141            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
142         }
143     }
144     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
145              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CTR))
146     {
147         /* static configuration, will not change */
148         sa_info[i].tx_payload_info.aadSize = 0;
149         sa_info[i].tx_payload_info.pAad = NULL;
150         sa_info[i].tx_payload_info.pAuthIV = NULL;
151         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
152                                                 netTest_IP_HEADER_LEN;
154         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
155                                                netTest_IP_HEADER_LEN +
156                                                netTest_ESP_HEADER_LEN +
157                                                netTest_AES_CTR_IV_LEN;
158         /* dynamic configuration, will  be calculated on the fly */
159         sa_info[i].tx_payload_info.authSize = 0;
160         sa_info[i].tx_payload_info.encSize = 0;
161         sa_info[i].tx_payload_info.pEncIV = 0;
163         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
164         sa_info[i].authMode = netTestCfg.sa[i].authMode;
165         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
166         sa_info[i].auth_tag_size = 0;
167         sa_info[i].iv_len=8;
168         sa_info[i].bl=8;
170         sa_info[i].tx_pkt_info.enetPort = 0;
171         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
172         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
173         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
174         sa_info[i].tx_pkt_info.startOffset = 0;
175         sa_info[i].tx_pkt_info.lpbackPass = 0;
176         sa_info[i].tx_pkt_info.ploadLen = 0;
177         sa_info[i].tx_pkt_info.pPkt = NULL;
178         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
179         sa_info[i].tx_pkt_info.startOffset = 0;
180         sa_info[i].tx_pkt_info.lpbackPass = 0;
181         sa_info[i].tx_pkt_info.ploadLen = 0;
182         sa_info[i].tx_pkt_info.pPkt = NULL;
183         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
184         sa_info[i].tx_pkt_info.saPayloadLen = 0;
185         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
187         sa_info[i].key_params = &netTestCfg.key_params[i];
189         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
190         sa_info[i].dir =netTestCfg.sa[i].dir;
191         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
192         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
193         sa_info[i].spi =tmp_spi;
194         sa_info[i].tunnel_id = tmp_tunnel;
195         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
196         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
197         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
198         {
199            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
200         }
201         else
202         {
203            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
204         }
205     }
206     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) &&
207              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CTR))
208     {
209         /* static configuration, will not change */
210         sa_info[i].tx_payload_info.aadSize = 0;
211         sa_info[i].tx_payload_info.pAad = NULL;
212         sa_info[i].tx_payload_info.pAuthIV = NULL;
213         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
214                                                 netTest_IP_HEADER_LEN;
216         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
217                                                netTest_IP_HEADER_LEN +
218                                                netTest_ESP_HEADER_LEN +
219                                                netTest_AES_CTR_IV_LEN;
221         /* dynamic configuration, will  be calculated on the fly */
222         sa_info[i].tx_payload_info.authSize = 0;
223         sa_info[i].tx_payload_info.encSize = 0;
224         sa_info[i].tx_payload_info.pEncIV = 0;
226         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
227         sa_info[i].authMode = netTestCfg.sa[i].authMode;
228         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
229         sa_info[i].auth_tag_size = netTest_ICV_LEN;
230         sa_info[i].iv_len=8;
231         sa_info[i].bl=8;
233         sa_info[i].tx_pkt_info.enetPort = 0;
234         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
235         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
236         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
237         sa_info[i].tx_pkt_info.startOffset = 0;
238         sa_info[i].tx_pkt_info.lpbackPass = 0;
239         sa_info[i].tx_pkt_info.ploadLen = 0;
240         sa_info[i].tx_pkt_info.pPkt = NULL;
241         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
242         sa_info[i].tx_pkt_info.saPayloadLen = 0;
243         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
245         sa_info[i].key_params = &netTestCfg.key_params[i];
247         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
248         sa_info[i].dir =netTestCfg.sa[i].dir;
249         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
250         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
251         sa_info[i].spi =tmp_spi;
252         sa_info[i].tunnel_id = tmp_tunnel;
253         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
254         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
255         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
256         {
257            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
258         }
259         else
260         {
261            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
262         }
263     }
264     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) &&
265              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_3DES_CBC))
266     {
267         /* static configuration, will not change */
268         sa_info[i].tx_payload_info.aadSize = 0;
269         sa_info[i].tx_payload_info.pAad = NULL;
270         sa_info[i].tx_payload_info.pAuthIV = NULL;
271         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
272                                                 netTest_IP_HEADER_LEN;
274         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
275                                                netTest_IP_HEADER_LEN +
276                                                netTest_ESP_HEADER_LEN +
277                                                netTest_3DES_CBC_IV_LEN;
279         /* dynamic configuration, will  be calculated on the fly */
280         sa_info[i].tx_payload_info.authSize = 0;
281         sa_info[i].tx_payload_info.encSize = 0;
282         sa_info[i].tx_payload_info.pEncIV = 0;
284         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
285         sa_info[i].authMode = netTestCfg.sa[i].authMode;
286         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
287         sa_info[i].auth_tag_size = netTest_ICV_LEN;
289         sa_info[i].iv_len=8;
290         sa_info[i].bl=8;
292         sa_info[i].tx_pkt_info.enetPort = 0;
293         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
294         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
295         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
296         sa_info[i].tx_pkt_info.startOffset = 0;
297         sa_info[i].tx_pkt_info.lpbackPass = 0;
298         sa_info[i].tx_pkt_info.ploadLen = 0;
299         sa_info[i].tx_pkt_info.pPkt = NULL;
300         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
301         sa_info[i].tx_pkt_info.saPayloadLen = 0;
302         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
303        
304         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
305                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
306                                          NWAL_TX_FLAG1_META_DATA_VALID ;
308         sa_info[i].dir =netTestCfg.sa[i].dir;
309         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
310         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
311         sa_info[i].spi =tmp_spi;
312         sa_info[i].tunnel_id = tmp_tunnel;
313         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
314         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
315         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
316         {
317            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
318         }
319         else
320         {
321            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
322         }
323     }
324     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_MD5) &&
325              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
326     {
327         /* static configuration, will not change */
328         sa_info[i].tx_payload_info.aadSize = 0;
329         sa_info[i].tx_payload_info.pAad = NULL;
330         sa_info[i].tx_payload_info.pAuthIV = NULL;
331         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN;
333         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
334                                                        netTest_IP_HEADER_LEN +
335                                                        netTest_NULL_ESP_HEADER_LEN +
336                                                        netTest_NULL_IV_LEN +
337                                                        24;
338         sa_info[i].iv_len=0;
339         sa_info[i].bl=4;
341         /* dynamic configuration, will  be calculated on the fly */
342         sa_info[i].tx_payload_info.authSize = 0;
343         sa_info[i].tx_payload_info.encSize = 0;
344         sa_info[i].tx_payload_info.pEncIV = 0;
346         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
347         sa_info[i].authMode = netTestCfg.sa[i].authMode;
348         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
349         sa_info[i].auth_tag_size = netTest_ICV_LEN;
351         sa_info[i].tx_pkt_info.enetPort = 0;
352         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
353         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
354         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
355         sa_info[i].tx_pkt_info.startOffset = 0;
356         sa_info[i].tx_pkt_info.lpbackPass = 0;
357         sa_info[i].tx_pkt_info.ploadLen = 0;
358         sa_info[i].tx_pkt_info.pPkt = NULL;
359         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN;
360         sa_info[i].tx_pkt_info.saPayloadLen = 0;
361         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
362         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_AH_CRYPTO |
363                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
364                                          NWAL_TX_FLAG1_META_DATA_VALID;
365         sa_info[i].dir =netTestCfg.sa[i].dir;
366         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
367         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
368         sa_info[i].spi =tmp_spi;
369         sa_info[i].tunnel_id = tmp_tunnel;
370         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
371         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
372         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
373         {
374            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
375         }
376         else
377         {
378            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
379         }
380     }
381     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
382              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_GCM))
383     {
384         /* static configuration, will not change */
385         sa_info[i].tx_payload_info.aadSize = 0;
386         sa_info[i].tx_payload_info.pAad = NULL;
387         sa_info[i].tx_payload_info.pAuthIV = NULL;
388         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
389                                                 netTest_IP_HEADER_LEN;
391         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
392                                                        netTest_IP_HEADER_LEN +
393                                                        netTest_ESP_HEADER_LEN +
394                                                        netTest_AES_GCM_IV_LEN;
396         sa_info[i].iv_len=0;
397         sa_info[i].bl=4;
399         /* dynamic configuration, will  be calculated on the fly */
400         sa_info[i].tx_payload_info.authSize = 0;
401         sa_info[i].tx_payload_info.encSize = 0;
402         sa_info[i].tx_payload_info.pEncIV = 0;
404         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
405         sa_info[i].authMode = netTestCfg.sa[i].authMode;
406         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
407         sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN;
409         sa_info[i].tx_pkt_info.enetPort = 0;
410         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
411         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
412         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
413         sa_info[i].tx_pkt_info.startOffset = 0;
414         sa_info[i].tx_pkt_info.lpbackPass = 0;
415         sa_info[i].tx_pkt_info.ploadLen = 0;
416         sa_info[i].tx_pkt_info.pPkt = NULL;
417         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN;
418         sa_info[i].tx_pkt_info.saPayloadLen = 0;
419         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
420        
421         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
422                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
423                                          NWAL_TX_FLAG1_META_DATA_VALID;
425         sa_info[i].dir =netTestCfg.sa[i].dir;
426         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
427         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
428         sa_info[i].spi =tmp_spi;
429         sa_info[i].tunnel_id = tmp_tunnel;
430         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
431         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
432         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
433         {
434            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
435         }
436         else
437         {
438            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
439         }
440     }
441     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
442              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
443     {
444         /* static configuration, will not change */
445         sa_info[i].tx_payload_info.aadSize = 0;
446         sa_info[i].tx_payload_info.pAad = NULL;
447         sa_info[i].tx_payload_info.pAuthIV = NULL;
448         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
449                                                 netTest_IP_HEADER_LEN;
450          sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
451                                                        netTest_IP_HEADER_LEN +
452                                                        netTest_ESP_HEADER_LEN;
454         sa_info[i].iv_len=0;
455         sa_info[i].bl=0;
457         /* dynamic configuration, will  be calculated on the fly */
458         sa_info[i].tx_payload_info.authSize = 0;
459         sa_info[i].tx_payload_info.encSize = 0;
460         sa_info[i].tx_payload_info.pEncIV = 0;
462         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
463         sa_info[i].authMode = netTestCfg.sa[i].authMode;
464         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
465         sa_info[i].auth_tag_size = 0;
467         sa_info[i].tx_pkt_info.enetPort = 0;
468         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
469         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
470         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
471         sa_info[i].tx_pkt_info.startOffset = 0;
472         sa_info[i].tx_pkt_info.lpbackPass = 0;
473         sa_info[i].tx_pkt_info.ploadLen = 0;
474         sa_info[i].tx_pkt_info.pPkt = NULL;
475         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
476         sa_info[i].tx_pkt_info.saPayloadLen = 0;
477         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
478         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
479                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
480                                          NWAL_TX_FLAG1_META_DATA_VALID;
482         sa_info[i].dir =netTestCfg.sa[i].dir;
483         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
484         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
485         sa_info[i].spi =tmp_spi;
486         sa_info[i].tunnel_id = tmp_tunnel;
487         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
488         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
489         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
490         {
491            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
492         }
493         else
494         {
495            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
496         }
498     }
499     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
500              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CCM))
501     {
502         /* static configuration, will not change */
503         sa_info[i].tx_payload_info.aadSize = 0;
504         sa_info[i].tx_payload_info.pAad = NULL;
505         sa_info[i].tx_payload_info.pAuthIV = NULL;
506         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
507                                                 netTest_IP_HEADER_LEN;
509         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
510                                                        netTest_IP_HEADER_LEN +
511                                                        netTest_ESP_HEADER_LEN +
512                                                        netTest_AES_CCM_IV_LEN;
514         sa_info[i].iv_len=0;
515         sa_info[i].bl=4;
517         /* dynamic configuration, will  be calculated on the fly */
518         sa_info[i].tx_payload_info.authSize = 0;
519         sa_info[i].tx_payload_info.encSize = 0;
520         sa_info[i].tx_payload_info.pEncIV = 0;
522         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
523         sa_info[i].authMode = netTestCfg.sa[i].authMode;
524         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
525         sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN;
527         sa_info[i].tx_pkt_info.enetPort = 0;
528         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
529         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
530         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
531         sa_info[i].tx_pkt_info.startOffset = 0;
532         sa_info[i].tx_pkt_info.lpbackPass = 0;
533         sa_info[i].tx_pkt_info.ploadLen = 0;
534         sa_info[i].tx_pkt_info.pPkt = NULL;
535         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
536         sa_info[i].tx_pkt_info.saPayloadLen = 0;
537         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
538        
539         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
540                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
541                                          NWAL_TX_FLAG1_META_DATA_VALID;
542         
543         sa_info[i].dir =netTestCfg.sa[i].dir;
544         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
545         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
546         sa_info[i].spi =tmp_spi;
547         sa_info[i].tunnel_id = tmp_tunnel;
548         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
549         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
550         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
551         {
552            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
553         }
554         else
555         {
556            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
557         }
558     }
559     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_AES_XCBC) &&
560              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
561     {
562         /* static configuration, will not change */
563         sa_info[i].tx_payload_info.aadSize = 0;
564         sa_info[i].tx_payload_info.pAad = NULL;
565         sa_info[i].tx_payload_info.pAuthIV = NULL;
566         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
567                                                 netTest_IP_HEADER_LEN;
569         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
570                                                        netTest_IP_HEADER_LEN +
571                                                        netTest_ESP_HEADER_LEN +
572                                                        netTest_NULL_IV_LEN;
574         sa_info[i].iv_len=0;
575         sa_info[i].bl=4;
577         /* dynamic configuration, will  be calculated on the fly */
578         sa_info[i].tx_payload_info.authSize = 0;
579         sa_info[i].tx_payload_info.encSize = 0;
580         //sa_info[i].tx_payload_info.ploadLen = 0;
581         sa_info[i].tx_payload_info.pEncIV = 0;
583         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
584         sa_info[i].authMode = netTestCfg.sa[i].authMode;
585         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
586         sa_info[i].auth_tag_size = netTest_ICV_LEN;
588         sa_info[i].tx_pkt_info.enetPort = 0;
589         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
590         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
591         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
592         sa_info[i].tx_pkt_info.startOffset = 0;
593         sa_info[i].tx_pkt_info.lpbackPass = 0;
594         sa_info[i].tx_pkt_info.ploadLen = 0;
595         sa_info[i].tx_pkt_info.pPkt = NULL;
596         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
597         sa_info[i].tx_pkt_info.saPayloadLen = 0;
598         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
599        
600         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
601                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM|
602                                          NWAL_TX_FLAG1_META_DATA_VALID;
603         
604         sa_info[i].dir =netTestCfg.sa[i].dir;
605         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
606         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
607         sa_info[i].spi =tmp_spi;
608         sa_info[i].tunnel_id = tmp_tunnel;
609         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
610         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
611         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
612         {
613            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
614         }
615         else
616         {
617            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
618         }
619     }
620     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_GMAC) &&
621              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
622     {
623         /* static configuration, will not change */
624         sa_info[i].tx_payload_info.aadSize = 0;
625         sa_info[i].tx_payload_info.pAad = NULL;
626         sa_info[i].tx_payload_info.pAuthIV = NULL;
627         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
628                                                 netTest_IP_HEADER_LEN;
630         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
631                                                        netTest_IP_HEADER_LEN +
632                                                        netTest_ESP_HEADER_LEN +
633                                                        netTest_AES_GMAC_IV_LEN;
635         sa_info[i].iv_len=0;
636         sa_info[i].bl=4;
638         /* dynamic configuration, will  be calculated on the fly */
639         sa_info[i].tx_payload_info.authSize = 0;
640         sa_info[i].tx_payload_info.encSize = 0;
641         sa_info[i].tx_payload_info.pEncIV = 0;
642         sa_info[i].tx_payload_info.pAuthIV = 0;
644         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
645         sa_info[i].authMode = netTestCfg.sa[i].authMode;
646         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
647         sa_info[i].auth_tag_size = netTest_AES_GMAC_ICV_LEN;
649         sa_info[i].tx_pkt_info.enetPort = 0;
650         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
651         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
652         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
653         sa_info[i].tx_pkt_info.startOffset = 0;
654         sa_info[i].tx_pkt_info.lpbackPass = 0;
655         sa_info[i].tx_pkt_info.ploadLen = 0;
656         sa_info[i].tx_pkt_info.pPkt = NULL;
657         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
658         sa_info[i].tx_pkt_info.saPayloadLen = 0;
659         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
660        
661         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
662                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
663                                          NWAL_TX_FLAG1_META_DATA_VALID;
664         
665         sa_info[i].dir =netTestCfg.sa[i].dir;
666         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
667         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
668         sa_info[i].spi =tmp_spi;
669         sa_info[i].tunnel_id = tmp_tunnel;
670         sa_info[i].src = *((long *)&netTestCfg.sa[i].src.ipv4[0]);
671         sa_info[i].dst = *((long *)&netTestCfg.sa[i].dst.ipv4[0]);
672         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
673         {
674            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
675         }
676         else
677         {
678            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
679         }
680     }
681     else
682         netapi_Log("netTest_utilBuildSADB(): invalid encryption/authentication combination selected\n");
685 int netTest_utilCreateSecAssoc(void)
687     nwal_RetValue       nwalRetVal;
688     int err = 0;
689     int i;
690     nwalSaIpSecId_t  nwalSaIpSecId;
691     uint32_t saId;
692     for (i=0; i < netTestCfg.num_sa;i++)
693     {
694         err = 0;
695         if(netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
696         {
697             netTest_utilBuildSADB(i);
698             saId = i;
699             sa_info[i].rx_tunnel = netapi_secAddSA(
700             netapi_handle,
701             netTestCfg.ipsec_if_no, //iface #0 
702             &netTestCfg.sa[i],
703             &netTestCfg.key_params[i],
704             netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
705                 NULL,  //use default route 
706             &(sa_info[i].rx_data_mode_handle),
707             &(sa_info[i].rx_inflow_mode_handle),
708             (void*) saId,
709             &err);
710             if (err)
711             {
712                 netapi_Log("addRxSa failed %d\n",err);
713                 exit(1);
714             }
717             if (netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_INFLOW)
718             {
719                 //assume inner and outer ip is the same
720                 rx_policy[i]= netapi_secAddRxPolicy( netapi_handle,
721                              sa_info[i].rx_tunnel,  //link to tunnel above
722                              4,         //ipv4
723                              &netTestCfg.sa[i].src,
724                              &netTestCfg.sa[i].dst,
725                             NULL,  // no qualifiers
726                             NULL,  //default route
727                             NULL, //user_data
728                              &err);
729                 if (err)
730                 {
731                     netapi_Log("addSaPolicy failed  %d for index %d\n",err,i); 
732                     exit(1);
733                 }
734             }
735             else
736             {
737                 rx_policy[i] = 0;
738             }
739         }
740         //tx SA security stuff
741         if(netTestCfg.sa[i].dir == NWAL_SA_DIR_OUTBOUND)
742         {
743             netTest_utilBuildSADB(i);
744             saId = i;
745             sa_info[i].tx_tunnel = netapi_secAddSA( netapi_handle,
746                  0, //iface #0 
747                  &netTestCfg.sa[i],
748                  &netTestCfg.key_params[i],
749                 netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
750                 NULL,  //use default route 
751                 &(sa_info[i].tx_data_mode_handle),
752                 &(sa_info[i].tx_inflow_mode_handle),
753                 (void*)saId,
754                 &err);
755             if (err) {netapi_Log("addTxSa failed %d\n",err); exit(1);}
756         }
757     }
758     return err;
762 void netTest_utilDeleteSecAssoc()
764     int err,i;
765     for (i=0; i < netTestCfg.num_sa;i++)
766     {
767         err = 0;
768         if(sa_info[i].dir == NWAL_SA_DIR_INBOUND)
769         {
770             if (rx_policy[i])
771                 netapi_secDelRxPolicy(netapi_handle, rx_policy[i], &err);
772             if (err == 0) netapi_Log("polcicy deleted  %d\n", i );
773                 //delete tunnels
774             netapi_secDelSA(netapi_handle, 0, sa_info[i].rx_tunnel, &err);
775         }
776         
777         if(sa_info[i].dir == NWAL_SA_DIR_OUTBOUND)
778         {
779             netapi_secDelSA(netapi_handle, 0, sa_info[i].tx_tunnel, &err);
780         }
781     }